From b563f6b878ee75675e2ed4abfa15378dd07162d9 Mon Sep 17 00:00:00 2001
From: Paweł Dybiec <pawel.to.malpa@gmail.com>
Date: Thu, 18 Apr 2019 10:47:19 +0200
Subject: Move passwords to vault

---
 docker.yml  |  7 ++++---
 secrets.yml | 10 ++++++++++
 2 files changed, 14 insertions(+), 3 deletions(-)
 create mode 100644 secrets.yml

diff --git a/docker.yml b/docker.yml
index 113199d..d243a95 100644
--- a/docker.yml
+++ b/docker.yml
@@ -6,6 +6,7 @@
     docker_compose_dir: "~/compose"
   vars_files:
   - domains.yml
+  - secrets.yml
   tasks:
   - name: Remove old config
     file:
@@ -80,7 +81,7 @@
               - DB_HOST=db:5432
               - DB_NAME=gitea
               - DB_USER=gitea
-              - DB_PASSW=gitea
+              - "DB_PASSW={{gitea_db_password}}"
               - "ROOT_URL=https://{{domains.git.name}}"
               - SSH_DOMAIN=git.dybiec.info
               - SSH_PORT=2022
@@ -98,7 +99,7 @@
             restart: always
             environment:
               - POSTGRES_USER=gitea
-              - POSTGRES_PASSWORD=gitea
+              - "POSTGRES_PASSWORD={{gitea_db_password}}"
               - POSTGRES_DB=gitea
             networks:
               - gitea
@@ -121,7 +122,7 @@
             - "127.0.0.1:{{domains.grafana.proxy.port}}:3000"
             environment:
             - "GF_SERVER_ROOT_URL=http://{{domains.grafana.name}}"
-            - GF_SECURITY_ADMIN_PASSWORD=very_secret
+            - "GF_SECURITY_ADMIN_PASSWORD={{grafana_admin_password}}"
             volumes:
             - "grafana-storage:/var/lib/grafana"
             restart: always
diff --git a/secrets.yml b/secrets.yml
new file mode 100644
index 0000000..b9c081a
--- /dev/null
+++ b/secrets.yml
@@ -0,0 +1,10 @@
+$ANSIBLE_VAULT;1.1;AES256
+37613965643962623638373336343164323736653231346132376436656531396235303763646231
+3734373838356437663031383835363162653562376561620a373034353833323434383165323431
+37656331306438346231653334623433383961343038343931363936373561393866633335616639
+3961353062376238640a323736633630303762643338643539663630646633383961626163323762
+65346439373539316333313738613133646561383237346265613764613139633766326638323631
+36626466643934643934343465313062643161353035663565323664343431363937663738636432
+66363564306236343866643365396335313838353962646663383030613039353965393532643736
+39643436303861383136356638396438623035656262646137646139373030653939363632323763
+3766
-- 
cgit 1.4.1